问题
I'm trying to send an email with this configuration:
return [
'driver' => 'smtp',
'host' => 'mail.mydomain.com',
'port' => 26,
'from' => ['address' => 'mailer@mydomain.com', 'name' => 'Mailer'],
'encryption' => 'tls',
'username' => env('MAIL_USERNAME'),
'password' => env('MAIL_PASSWORD'),
'sendmail' => '/usr/sbin/sendmail -bs',
'pretend' => false,
];
When I submit the form I receive this erorr:
ErrorException in StreamBuffer.php line 95:
stream_socket_enable_crypto(): SSL operation failed with code 1.
OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I found this solution where people seems to have solved the problem with the same library but I cant manage to solve it in Laravel.
https://github.com/PHPMailer/PHPMailer/issues/368
回答1:
Well in that link you provided the solution is straight-forward.
The correct solution is to fix your SSL config - it's not PHP's fault!
回答2:
Add this at bottom of your config/mail.php
'stream' => [
'ssl' => [
'allow_self_signed' => true,
'verify_peer' => false,
'verify_peer_name' => false,
],
],
this will solve your problem.
Editor's note: disabling SSL verification has security implications. Without verification of the authenticity of SSL/HTTPS connections, a malicious attacker can impersonate a trusted endpoint (such as GitHub or some other remote Git host), and you'll be vulnerable to a Man-in-the-Middle Attack. Be sure you fully understand the security issues before using this as a solution.
回答3:
In my case the problem was related to SSL. My SMTP has a self-signed certificate and my laravel was running on top of PHP 5.6 which disables the 'allow_self_signed' context variable to false and enables 'verify_peer' and hence poping the error when sending an email.
Since I didn't wanted to hack around swiftmailer code I added the Certificate Authority (CA) file of my server as trusted CA for my system executing laravel.
I did that getting the CA cert of my smtp server, something like
-----BEGIN CERTIFICATE-----
MIIElTCCA32gAwIBAgIJAMZjjNg64RQwMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYD
VQQGEwJVUzEMMAoGA1UECBMDTi9BMQwwCgYDVQQHEwNOL0ExJDAiBgNVBAoTG1pp
...
5a8a4QEwWmnAOgHetsOCvhfeGW3yAJPD8Q==
-----END CERTIFICATE-----
and write it in my laravel machine which has an ubuntu 14.04 to a file named /usr/local/share/ca-certificates/my_cert.crt
. It is crucial to end the file with .crt
and also make it readable for everyone.
Then call update-ca-certificates
and the certificate will be added to the list of valid CAs of your server.
来源:https://stackoverflow.com/questions/30714229/how-to-deal-with-self-signed-tls-certificates-in-laravels-smtp-driver